✨ Feature Suggestion | List PGP keys + proofs of recommendations somewhere? #1755

New Issue

Open

opened 2020-03-03 15:29:25 +00:00 by Mikaela · 1 comment

Mikaela commented 2020-03-03 15:29:25 +00:00 (Migrated from github.com)

Copy Link

Description

A bit like https://github.com/privacytoolsIO/privacytools.io/issues/1622, we have multiple recommendations who are using PGP in code/software signing, sign emails they send or support PGP encrypted emails. https://github.com/privacytoolsIO/privacytools.io/issues/1703 would bring more of them, so I wonder if we should have a list of the PGP fingerprints (with a big warning to not solely trust us and do your own research)?

I think this might carry a risk of us becoming a pseudo CA though, while git makes all changes transparent (at least for those who look).

As with #1622, I have a personal "project" doing similar except that I am not bothering with proofs there. README

## Description A bit like https://github.com/privacytoolsIO/privacytools.io/issues/1622, we have multiple recommendations who are using PGP in code/software signing, sign emails they send or support PGP encrypted emails. https://github.com/privacytoolsIO/privacytools.io/issues/1703 would bring more of them, so I wonder if we should have a list of the PGP fingerprints (with a big warning to not solely trust us and do your own research)? I think this might carry a risk of us becoming a pseudo CA though, while git makes all changes transparent (at least for those who look). *As with #1622, [I have a personal "project" doing similar](https://gitea.blesmrt.net/mikaela/pgp-alt-wot/) except that I am not bothering with proofs there. [README](https://gitea.blesmrt.net/mikaela/pgp-alt-wot/src/branch/master/README.md)*

jonah commented 2020-03-09 03:02:39 +00:00

Copy Link

I think this might carry a risk of us becoming a pseudo CA though

This is my concern, especially because we will now be tasked with keeping it up to date with changes as well. If a project utilizes PGP they should also have a mechanism to securely transmit that key to the user on their own, IMO.

> I think this might carry a risk of us becoming a pseudo CA though This is my concern, especially because we will now be tasked with keeping it up to date with changes as well. If a project utilizes PGP they should also have a mechanism to securely transmit that key to the user on their own, IMO.

This repo is archived. You cannot comment on issues.

No Branch/Tag Specified

Branches Tags

master

dependabot/bundler/nokogiri-1.13.6

dependabot/bundler/addressable-2.8.0

freddy-m-patch-3

pr-add_RemoveMyPhone_sponsor

pr-browser_cleanup_1257_1328_1430

freddy-m-patch-2

freddy-m-patch-1

pr-vpn_hated_one_video

cdn

update-nitrohorse-image

promote-metager-to-card

hardware

pr-add_azirevpn

pr-add_mailfence

shop

1673

pr/1658

i18n-simple

sponsorship-edits-nov2019

i18n

ipfs

blacklight447-ptio-patch-3

blog

remove-windows-icons

pr/1147

i18n-testing

add-beautify

No results found.

Labels

Clear labels

🔍🤖 Search Engines

approved

approved, waiting for a PR

dependencies

Pull requests that update a dependency file

duplicate

feedback wanted

high priority

I2P

The Invisible Internet Project (I2P)

iOS

low priority

OS

Operating Systems

Self-contained networks

Social media

stale

A label for stalebot if it gets added

streaming

Anything related to media streaming.

todo

Tor

Anything covering the Tor network

WIP

active work in progress, do not merge or PR (yet)!

wontfix

Issues or bugs that will not be fixed and/or do not have significant impact on the project.

XMPP

Extensible Messaging and Presence Protocol

[m]

Matrix protocol

₿ cryptocurrency

ℹ️ help wanted

↔️ file sharing

⚙️ web extensions

Browser Extension related issues

✨ enhancement

❌ software removal

💬 discussion

🤖 Android

🐛 bug

💢 conflicting

📝 correction

Correction of content on the website

🆘 critical

📧 email

🔒 file encryption

📁 file storage

🦊 Firefox

Firefox & forks, about:config etc.

💻 hardware

🌐 hosting

🏠 housekeeping

Anything primarily related to site cleanup.

🔐 password managers

🧰 productivity tools

🔎 research required

🌐 Social News Aggregators

🆕 software suggestion

👥 team chat

🔒 VPN

Virtual Private Network

🌐 website issue

*Technical* issues with the website.

🚫 Windows

👁️ browsers

🖊️ digital notebooks

🗄️ DNS

Domain Name System

🗨️ instant messaging (im)

🇦🇶 translations

Anything covering a translated version of the site

No Label

✨ enhancement

Milestone

No items

No Milestone

Assignees

Clear assignees

jonah

No Assignees

1 Participants

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: privacyguides/privacytools.io#1755

No description provided.